Thomas
Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability. This week, advisories were released for mod_dav, w3m, cups, php, mysql, openssl,
mailman, syslinux, nethack, bitchx, util-linux, apcupdb, pam, shadow-utils,
and imp. The distributors include Caldera, Debian, Guardian Digital’s
EnGarde Secure Linux, Gentoo, Mandrake, Red Hat, and SuSE.
LinuxSecurity Feature Extras:
Remote
Syslog with MySQL and PHP – Msyslog has the ability to log syslog
messages to a database. This allows for easier monitoring of multiple servers
and the ability to be display and search for syslog messages using PHP
or any other programming language that can communicate with the database.by
that, too.Review:
Mastering Network Security, Second Edition – The introduction states
that this book is aimed at systems administrators who are not security
experts, but have some responsibility for ensuring the integrity of their
systems. That would seem to cover most sysadmins.
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
The Linux Advisory Watch newsletter is developed by the community
of volunteers at LinuxSecurity.com
and sponsored by Guardian Digital, Inc., the open
source security company.
| Package: | mod_dav |
| Date: | 02-17-2003 |
| Description: | The Apache mod_dav module contains a format string vulnerability in the “ap_log_rerror()” function. |
| Vendor Alerts: | Caldera:
|
| Package: | w3m |
| Date: | 02-14-2003 |
| Description: | The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may deceive a user to send his local cookies which are used for configuration. The information is not leaked automatically, though. |
| Vendor Alerts: | Debian:
|
| Package: | cups |
| Date: | 02-20-2003 |
| Description: | This update corrects a library dependency for the libcupsys2 package which sneaked in with the last security update to CUPS for the stable distribution. |
| Vendor Alerts: | Debian:
|
| Package: | php |
| Date: | 02-19-2003 |
| Description: | A heap-based buffer overflow vulnerability has been found in the wordwrap() function of PHP. This vulnerability may cause a denial of service attack or arbitrary code execution if wordwrap() is used on untrusted input. |
| Vendor Alerts: | EnGarde:
|
| Package: | mysql |
| Date: | 02-19-2003 |
| Description: | This update fixes a double free() bug in the MySQL daemon that could allow an attacker, with a specially crafted MySQL client, to crash the server. The attacker also requires a valid user account. |
| Vendor Alerts: | EnGarde:
|
| Package: | openssl |
| Date: | 02-20-2003 |
| Description: | In an upcoming paper, Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and Martin Vuagnoux (EPFL, Ilion) describe and demonstrate a timing-based attack on CBC cipher suites used in SSL and TLS. OpenSSL has been found to vulnerable to this attack. This update fixes these vulnerabilities. |
| Vendor Alerts: | EnGarde:
|
| Package: | mailman |
| Date: | 02-17-2003 |
| Description: | The email variable and the default error page in mailmain 2.1 contains cross site scripting vulnerabilities. |
| Vendor Alerts: | Gentoo:
|
| Package: | syslinux |
| Date: | 02-17-2003 |
| Description: | Security flaws have been found in the SYSLINUX installer when running setuid root. Rewrite the SYSLINUX installer so it uses mtools instead. It therefore now requires mtools (specifically mcopy and mattrib) to exist on your system, but it will not require root privileges and SHOULD NOT be setuid. |
| Vendor Alerts: | Gentoo:
|
| Package: | nethack |
| Date: | 02-18-2003 |
| Description: | Overflowing a buffer in nethack may lead to privelige escalation to games uid. |
| Vendor Alerts: | Gentoo:
|
| Package: | bitchx |
| Date: | 02-20-2003 |
| Description: | A denial of service vulnerability exists in BitchX. Sending a malformed RPL_NAMREPLY numeric 353 causes BitchX to segfault. |
| Vendor Alerts: | Gentoo:
|
| Package: | util-linux |
| Date: | 02-13-2003 |
| Description: | The util-linux package provides the mcookie utility, a tool for generating random cookies that can be used for X authentication. The util-linux packages that were distributed with Mandrake Linux 8.2 and 9.0 had a patch that made it use /dev/urandom instead of /dev/random, which resulted in the mcookie being more predictable than it would otherwise be. This patch has been removed in these updates, giving mcookie a better source of entropy and making the generated cookies less predictable. Thanks to Dirk Mueller for pointing this out. |
| Vendor Alerts: | Mandrake:
|
| Package: | apcupsd |
| Date: | 02-13-2003 |
| Description: | A remote root vulnerability in slave setups and some buffer overflows in the network information server code were discovered by the apcupsd developers. They have been fixed in the latest unstable version, 3.10.5 which contains additional enhancements like USB support, and the latest stable version, 3.8.6. |
| Vendor Alerts: | Mandrake:
|
| Package: | pam |
| Date: | 02-18-2003 |
| Description: | Andreas Beck discovered that the pam_xauth module would forward authorization information from the root account to unprivileged users. This can be exploited by a local attacker to gain access to the root user’s X session. In order for it to be successfully exploited, the attacker would have to somehow get the root user to su to the account belonging to the attacker. |
| Vendor Alerts: | Mandrake:
|
| Package: | shadow-utils |
| Date: | 02-18-2003 |
| Description: | Updated shadow-utils packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. |
| Vendor Alerts: | Red Hat:
|
| Package: | imp |
| Date: | 02-18-2003 |
| Description: | An attacker can gain access to protected information or, in conjunction with PostgreSQL, execute shell commands remotely. |
| Vendor Alerts: | SuSE:
|
Category:
- Security
